<!--
  - LoginLib.php
  - v1.01
  - 3/7/2011
  - This is a php file containing database functions used for user login.
  -->
<?php
	/**
	 * The function looks for an entry in the 'login' database table where the
	 * specified parameters for the username and password are the same as from
	 * those of the user's input.
	 * @param unknown_type $username
	 * @param unknown_type $password
	 * @param unknown_type $database
	 * @param unknown_type $host
	 * @param unknown_type $login
	 * @param unknown_type $loginpassword
	 */
	function LookFor($username, $password, $database, $host, $login,
			$loginpassword){
		//Create connection.
		$con = mysql_connect($host, $login, $loginpassword) or
			die('Could not connect: ' . mysql_error());
		mysql_select_db($database) or die(mysql_error());
		
		//Set-up and execute connection.
		$query = "SELECT * FROM login where USERNAME = '". $username."'";
		$result = mysql_query($query);
		$row = mysql_fetch_array($result) ;
		
		//Close the connection.
		mysql_close($con);
		if($row['PASSWORD'] == md5($password)) return $row['USERTYPE'];
		else return FALSE;
		
	}
	
	/**
	 * The function gathers the username of the person with the given $username
	 * variable.
	 * @param unknown_type $username
	 * @param unknown_type $database
	 * @param unknown_type $host
	 * @param unknown_type $login
	 * @param unknown_type $loginpassword
	 */
	function GetUsername($username, $database, $host, $login,
			$loginpassword){
		//Create connection.
		$con = mysql_connect($host, $login, $loginpassword) or
			die('Could not connect: ' . mysql_error());
		mysql_select_db($database) or die(mysql_error());
		
		//Set-up and execute connection.
		$query = "SELECT NAME FROM users where USERNAME = '". $username."'";
		$result = mysql_query($query);
		$row = mysql_fetch_array($result) ;
		
		//Close the connection.
		mysql_close($con);
		if($row['NAME'] != "") return $row['NAME'];
		else return FALSE;
		
	}
	
	/**
	 * Tbe function lets the caller insert a user for the 'login' and 'users'
	 * databse tables, and checks if they are already duplicated or not.
	 * @param unknown_type $username
	 * @param unknown_type $password
	 * @param unknown_type $usertype
	 * @param unknown_type $name
	 * @param unknown_type $title
	 * @param unknown_type $position
	 * @param unknown_type $database
	 * @param unknown_type $host
	 * @param unknown_type $login
	 * @param unknown_type $loginpassword
	 */
	function InsertNewUser($username, $password, $usertype, $name, $title, 
			$position, $database, $host, $login, $loginpassword){ 
		//Check the database for redundant entries.
		$foundusers = LookFor($username, $password, $database, $host, $login,
			$loginpassword);
		
		//If an entry was found
		if(count($foundusers) > 0 && $foundusers["PASSWORD"] != "")
			return FALSE;
		
		//Create connection.
		$con = mysql_connect($host, $login, $loginpassword) or
			die('Could not connect: ' . mysql_error());
		mysql_select_db($database) or die(mysql_error());
		$password  = md5($password);
		//Insert the entry into the database.
		$loginQuery = "INSERT INTO login VALUES ('$username','$password',
				'$usertype')";
		$userQuery = "INSERT INTO users VALUES ('$username','$name','$title',
				'$position')";
		$login = mysql_query($loginQuery);
		$user = mysql_query($userQuery);
	
		//Close the connection.
		mysql_close($con);
		if($login == TRUE && $user == TRUE) return TRUE;
		else return FALSE;
	}
?>





